Vulnerability Details CVE-2018-7111
A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Specifically, there is a malfunction identified in some section of the DSM portal and some DSM APIs. The impact of the malfunction is that the info can be changed by other users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.042
EPSS Ranking 88.3%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/105704
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03891en_us
- https://exchange.xforce.ibmcloud.com/vulnerabilities/151691
- http://www.securityfocus.com/bid/105704
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03891en_us
Products affected by CVE-2018-7111
-
cpe:2.3:a:hp:universal_internet_of_things:1.2.4.2
-
cpe:2.3:a:hp:universal_internet_of_things:1.4.0
-
cpe:2.3:a:hp:universal_internet_of_things:1.4.1
-
cpe:2.3:a:hp:universal_internet_of_things:1.4.2
-
cpe:2.3:a:hp:universal_internet_of_things:1.5